My Favorite Robot Vacuum is currently $250 off!

andreasc
-
0
My Favorite Robot Vacuum is currently $250 off!
[ad_1]

The ECOVACS DEEBOT T30S COMBO robot vacuum is on sale over at Amazon right now for just $950.99. This is an expensive robot vacuum, don’t get me wrong, but it is worth every penny. It is currently my favorite robot vacuum on the market, and as someone that has reviewed no less than 7 robot vacuums in the past 12 months, that’s saying something.

In my review of the ECOVACS DEEBOT T30S COMBO, I called it “The Most Innovative Robot Vacuum Yet”, and I still feel that way. And it’s pretty simple. This “Combo” includes a hand vacuum that docks with the robot vacuum and can auto empty, like the robot vacuum. Making cleaning so much easier, and giving you a one-stop-shop for your vacuuming needs. This lets you break out the handheld vacuum when you need to clean something up easily and then dock it away again without breaking out the robot vacuum.

The robot vacuum is also pretty impressive. ECOVACS has done some pretty incredible things with its mopping functionality, and this one does have two actual mops on the bottom instead of mopping pads. One of them actually pops out to clean the corners and edges of the room better. The dock can clean these mopping pads and dry them, making them nice and clean for the next run-through.

ECOVACS has also included its anti-tangle technology that keeps the rollers from getting tangled in hair. Honestly, I was pretty skeptical about this when I was briefed on the vacuum. But having a dog that is always shedding, I knew I’d put it to the test. And to my surprise, it worked out very well. It never got tangled in about three months of using the vacuum.

You can grab your own ECOVACS DEEBOT T30S COMBO from Amazon at the link below.

Buy at Amazon


[ad_2]
Source link

Google to offer $250,000 for Full VM Escape Zero-day Vulnerability

andreasc
-
0
Google to offer $250,000 for Full VM Escape Zero-day Vulnerability
[ad_1]

Google has unveiled kvmCTF, a new vulnerability reward program (VRP) explicitly targeting the Kernel-based Virtual Machine (KVM) hypervisor.

This initiative, first announced in October 2023, underscores Google’s commitment to enhancing the security of foundational technologies like Linux and KVM, which are integral to many of its products, including Android and Google Cloud.

KVM, a robust hypervisor with over 15 years of open-source development, is widely used across consumer and enterprise landscapes.

Google, an active contributor to the KVM project, has designed kvmCTF as a collaborative platform for identifying and remediating vulnerabilities, thereby hardening this critical security boundary.

The program is similar to kernelCTF but focuses on zero-day vulnerabilities, previously unknown security flaws.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

Participants in kvmCTF will have access to a lab environment to log in and utilize their exploits to obtain flags.

The program will not reward exploits that use n-day vulnerabilities, ensuring the focus remains on discovering new, unpatched vulnerabilities.

Details regarding any discovered zero-day vulnerabilities will be shared with Google only after an upstream patch is released, ensuring that Google receives the information simultaneously with the rest of the open-source community.

Reward Tiers and Participation

The kvmCTF program offers substantial rewards for various levels of the following vulnerabilities:

  • Full VM escape: $250,000
  • Arbitrary memory write: $100,000
  • Arbitrary memory read: $50,000
  • Relative memory write: $50,000
  • Denial of service: $20,000
  • Relative memory read: $10,000

To facilitate the discovery of these vulnerabilities, kvmCTF provides the option of using a host with Kernel Address Sanitizer (KASAN) enabled, which helps identify memory errors.

Participants will engage in a controlled environment with a bare metal host running a single guest VM.

They can reserve time slots to access the guest VM and attempt guest-to-host attacks, aiming to exploit zero-day vulnerabilities in the KVM subsystem of the host kernel.

Successful attackers will obtain a flag as proof of their accomplishment, and the severity of the attack will determine the reward amount.

How to Get Involved

To participate in kvmCTF, interested individuals must start by reading the program’s rules, which provide detailed information on reserving a time slot, connecting to the guest VM, and obtaining flags.

The rules also explain the mapping of various KASAN violations with the reward tiers and offer instructions on reporting a vulnerability.

Google’s kvmCTF initiative represents a significant step forward in the collaborative effort to secure open-source technologies.

By offering substantial rewards for discovering zero-day vulnerabilities, Google aims to engage the global security community in its mission to enhance the security and reliability of the KVM hypervisor, ultimately benefiting users worldwide.

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files


[ad_2]
Source link

Galaxy S25 to offer AI upscaling for games thanks to its SoC

andreasc
-
0
Galaxy S25 to offer AI upscaling for games thanks to its SoC
[ad_1]

There is a lot of confusion around Samsung‘s chip strategy for the Galaxy S25 series. Rumors have hinted at the possibility of a Snapdragon exclusivity, a Snapdragon-Exynos dual-chip strategy, or a three-pronged strategy with MediaTek in the mix. While we wait for the dust to settle, a new rumor has revealed exciting information about the upcoming Samsung flagships. The Galaxy S25, at least the Snapdragon-powered units, will allegedly support FSR/DLSS-like AI upscaling for games.

Snapdragon-powered Galaxy S25 to boast AI upscaling for games

Renowned Chinese tipster Digital Chat Station recently took to Weibo claiming that Qualcomm’s Snapdragon 8 Gen 4 (the chipset expected to power the Galaxy S25 series in some or all markets) will feature an improved Adreno 830 GPU with support for frame interpolation technology. In simpler words, the chip can use AI to boost frame rates in graphic-intense games. It helps make the gameplay smoother as long as developers support the technology in their games.

The tipster says the Snapdragon 8 Gen 4 can run Genshin Impact at 1080p resolution and 120fps (frames per second) frame rate. If true, we are in for a massive improvement in frame rate. The Galaxy S24’s Snapdragon 8 Gen 3 tops out at 60fps in maxed-out Genshin Impact graphics settings. This is huge for a smartphone chip. Frame interpolation is a relatively new technology limited to AMD and Nvidia’s latest PC GPUs. Their solutions are respectively named FSR and DLSS.

The trick is to artificially insert frames between existing frames, making graphics look smoother than they actually are. The technology may occasionally cause input lag and visual artifacts like blurring, but it certainly makes the gameplay smoother. As said earlier, developers must adopt frame interpolation for the feature to work on their games. However, the potential is huge if implemented correctly. We may see AAA PC/console-level games run smoothly on Android flagships.

Qualcomm Snapdragon 8 Gen 4 GPU frame interpolation technology AI upscaling games

Well, Apple’s A17 Pro-powered iPhone 15 Pro and iPhone 15 Pro Max can already run AAA games like Resident Evil Village and Assassin’s Creed: Mirage. So, it’s about time Android chipmakers catch up. And Qualcomm may lead the pack with its next-gen flagship SoC. Of course, the Snapdragon 8 Gen 4’s AI upscaling won’t be exclusive to the Galaxy S25 series. Other phones powered by this chipset will also get access to this revolutionary gaming technology.

The new Snapdragon arrives in October, possibly with a higher price tag

Qualcomm will unveil the Snapdragon 8 Gen 4 in October. Rumors say the new chip will be up to 30% costlier than its predecessor, costing as much as $260. This may make the next batch of Android flagships more expensive. Interestingly, the source says a firmware update could bring AI upscaling to Android phones powered by the Snapdragon 8s Gen 3 and Snapdragon 8 Gen 3. That certainly won’t happen before the Gen 4 arrives. Expect more leaks about the next-gen Qualcomm processor in the coming months.


[ad_2]
Source link

Hackers using Dropbox And Google Docs To Deliver Orcinius Malware 

andreasc
-
0
Hackers using Dropbox And Google Docs To Deliver Orcinius Malware 
[ad_1]

A new Orcinius Trojan has been discovered, employing VBA Stomping to hide its infection. The multi-stage trojan uses Dropbox and Google Docs to stay updated and deliver second-stage payloads. 

Typically, VBA stomping removes the VBA source code in a Microsoft Office document, leaving only a compiled form of the macro code known as p-code in the document file.  

“The malware contains an obfuscated VBA macro that hooks into Windows to monitor running windows and keystrokes and creates persistence using registry keys”, SonicWall Capture Labs threat research team shared with Cyber Security News.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

How The Attack Is Executed?

An Excel spreadsheet, in the present instance “CALENDARIO AZZORTI.xls,” is the initial way of infection.

Three worksheets discussing different cities’ billing cycles are included in what looks to be an Italian calendar.

The Spreadsheet file

The file contains a VBA macro that has been altered using a method known as “VBA stomping,” which destroys the original source code and leaves just compiled p-code. 

As indicated by Olevba, this means that examining the macro inside the document will either display nothing or a safe copy of the code that will execute when the file is opened and closed.

Detecting malicious activity

The file will launch the macro during runtime and carry out the following tasks:

  • To hide warnings, check the registry keys and create a new key.
  • List all of the windows that are presently open.
  • Establish persistence.
  • Access both of the encoded URLs and try to download.
  • keep an eye on keyboard input.
  • Make many randomized timers for download and activation attempts.
Enumerating running windows

URLs:

  • www-env.dropbox-dns[.]com
  • hxxps://docs.google[.]com/uc?id=0BxsMXGfPIZfSVzUyaHFYVkQxeFk&export=download
  • hxxps://www.dropbox.com/s/zhp1b06imehwylq/Synaptics.rar?dl=1

According to researchers, the sample and stated URLs have been linked to Remcos, AgentTesla, Neshta, HTMLDropper, and other malicious websites that pose as “Synaptics.exe” and are available on VirusTotal. The pages at both locations were inaccessible during runtime.

Due to the rise of harmful cyber activity, there are excessive risks of misinterpretation, escalation, and spreading impacts.

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files


[ad_2]
Source link

A bunch of OnePlus 13 details confirmed by a trusted source

andreasc
-
0
A bunch of OnePlus 13 details confirmed by a trusted source
[ad_1]

The OnePlus 13 will become the company’s new flagship later this year. It may launch globally in January next year, though. In any case, a bunch of OnePlus 13 details have just surfaced, thanks to a trusted source.

A well-known tipster just confirmed a bunch of OnePlus 13 details

This information comes from Digital Chat Station, a well-known Chinese tipster. He went to Weibo to share a bunch of tidbits. The tipster confirms that the OnePlus 13 will be fueled by the Snapdragon 8 Gen 4, as expected.

In addition to that, the phone will feature a 2K “iso-depth micro-curved display”. So yes, the panel will once again be curved. Its size wasn’t mentioned, but it could be a 6.8-inch panel once again.

A larger battery will be included inside the phone, and it will be a silicon-carbon unit it seems. The OnePlus 12 already used a 5,400mAh battery, so it was large to begin with. Well, thanks to a silicon-carbon battery, OnePlus will be able to improve that even more, while not adding bulk to the phone.

Fast wired & wireless charging will be on offer, and three 50MP cameras

100W wired charging will be supported, and wireless charging will be offered too. The OnePlus 12 supports 50W wireless charging, so we’re expecting that same charging (or better) to be included in the OnePlus 13.

Three cameras will sit on the back of the phone, three 50-megapixel units. We’re hoping that the main shooter will be a 1-inch type camera. The tipster mentioned that a periscope telephoto camera will be a part of the package, with a 3x optical zoom. Hasselblad will once again be a part of the package too.

An ultrasonic fingerprint scanner is also mentioned by the tipster. The same goes for a “super-lage X-axis motor”, for haptic feedback. The OnePlus 13 will also be IP68/IP69 certified for water and dust resistance. This is an improvement over the IP65 certification that the OnePlus 12 offered.


[ad_2]
Source link

Opera’s gaming-oriented browser updated with even more AI features

andreasc
-
0
Opera’s gaming-oriented browser updated with even more AI features
[ad_1]

Opera GX is a browser launched back in 2019, which aims to be the browser of choice for millions of gamers who are looking for a more custom internet experience.

Besides its gaming-inspired design, Opera GX includes CPU, RAM and Network Bandwidth limiters that make it less resource-hungry, thus leaving more of the computer’s resources for gaming.

The browser received a lot of updates since its release, so it makes sense for Opera to want to bring the latest advancements in AI to those using GX. If you’re using Opera GX on Android, iOS or desktop, you’re in for some nice AI-related surprises.

The latest Opera GX update increases Aria’s capabilities by adding image generation and understanding, voice input, a chat summary option, as well as links to sources.

Opera GX’s Aria gains the ability to turn text prompts and descriptions into unique images using the image generation model Imagen2 by Google. Basically, Aria is now able to identify the user’s intention to generate an image based on conversational prompts.

Furthermore, Opera GX users can take advantage of the “regenerate” option to have Aria come up with a new image if they’re not satisfied with the initial result. However, there’s a limit to the number of images that Aria is allowed to generate each day pers user, and that’s 30.

Another interesting new feature coming to Opera GX is Aria’s ability to read answers out loud by using Google’s WaveNet model. Also, Aria is gaining image understanding capabilities, so users can now upload an image to Aria that they can ask the AI too about as part of the chat conversation.

This is especially useful if you want to identify a certain item by brand and/or model. But Aria can also solve math problems among other things.

On a side note, these are the same features that Opera released as part of its experimental AI Feature Drops program in the Developer stream of the Opera One browser.


[ad_2]
Source link

CapraRAT Mimics As Popular Android Apps Attacking Android Users

andreasc
-
0
CapraRAT Mimics As Popular Android Apps Attacking Android Users
[ad_1]

Transparent Tribe (aka APT36) has been active since 2016, focusing on social engineering strategies to target Indian government and military personnel.

The CapraTube campaign of Transparent Tribe (aka APT36) was revealed in September 2023, in which threat actors employed weaponized Android apps posing as YouTube, mostly in dating scenarios.

Cybersecurity researchers at SentinelLabs recently discovered that the CapraRAT has been mimicking popular Android apps by attacking Android users.

These latest actions imply complex but relatively increased spyware conformity with older and modern versions of Android, revealing the group’s adaptability and continuous drive to widen its attack surface against Indian targets.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo

CapraRAT As Android Apps

The code of this malware contains obfuscated URLs and utilizes WebView to launch YouTube and CrazyGames[.]com. The “Sexy Videos” app still uses social engineering tactics centered on romance.

“TikTok” is a preloaded query on one app that launches YouTube with a search “Tik Toks.” Another, labeled as “Weapons”, opens the Forgotten Weapons YouTube channel while the third one called “Crazy Games” loads CrazyGames[.]com.

New CapraRAT APKs (Source – Sentinel Labs)

SentinelLabs researchers said this change in CapraRAT’s modus operandi demonstrates its flexibility and employment of genuine platforms as smokescreens for malicious activities, consequently maintaining its core function of accessing sensitive device permissions.

The latest CapraTube campaign continues with the same old romance-themed social engineering using such apps. These apps open YouTube and run theme-related searches.

Although some previously requested permissions have been removed, this malware asks for a lot of dangerous permissions during monitoring.

Android 8.0 (Oreo) and above versions are now being targeted compared to the September 2023 campaign to make them more compatible with modern devices.

Still, they ask for suspicious permissions despite operating well on new Android versions. Consequently, a new WebView class has been added to retain compatibility with older Android versions.

Even after updating these aspects, malware’s core functionality remains largely unchanged as they focus on surveillance capabilities.

The spyware application CapraRAT is initiated through MainActivity and exploits the TCHPClient class for malicious activities. It includes functions for audio streaming, call recording, contact logging, file browsing, and SMS sniffing.

These kinds of malware use particular hostnames and IP addresses to communicate with their C2 servers, some of which are connected to other malware like CrimsonRAT.

The latest updates aim to enhance the software’s reliability and ensure its compatibility with newer Android versions.

The social engineering tactics employed by this malware target specific groups, such as mobile gamers or people who love guns.

Users should pay attention to app permissions they give during installations and be cautious about unnecessary requests for access.

Incident responders must keep an eye on specific network indicators and method names related to CapraRAT.

IoCs

IoCs  (Source – Sentinel Labs)

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files


[ad_2]
Source link

HONOR Magic V3 launch date has just been announced

andreasc
-
0
HONOR Magic V3 launch date has just been announced
[ad_1]

The HONOR Magic V3 launch date has been announced by the company. The device will become official on July 12, so in 10 days. It will launch in China, and it won’t be the only device to arrive.

The HONOR Magic V3 launch date has been announced, and it’s not coming alone

HONOR will also announce the Magic Vs3, MagicPad 2, and MagicBook Art 14. It will be a packed event, it seems. Two foldable phones, a tablet, and a laptop will all arrive. The HONOR Magic V3 is definitely in focus, though.

HONOR Magic V3 launch event announcement

That smartphone will become the company’s new foldable flagship. The HONOR Magic V2 managed to leave quite an impression on us due to its thin profile. That was the first device that actually felt like a regular smartphone during use, and it was a book-style foldable.

The HONOR Magic V3, based on rumors, will push things even further. It’s said to be even thinner than its predecessor, and even lighter too. HONOR is looking to push the boundaries yet again.

The phone’s camera setup is a mystery, and we’re expecting to see an improvement

Let’s hope that HONOR will also improve its camera setup. That’s a bit ask considering that the phone is expected to be even more compact than it way, but let’s see what HONOR can do in that regard.

The company didn’t really want to overdo the camera hardware in the Magic V2, probably due to the thickness and heft. And even though it had a really good camera setup, HONOR can certainly do better based on the company’s flagship smartphone (the regular one).

The HONOR Magic Vs3 will likely be a cheaper variant of the HONOR Magic V3. It’s a bit surprising those two devices are coming at the same time, but there you have it. The HONOR Magic V2 did launch globally, though it arrived 6 months after the initial launch. Let’s hope that HONOR will move a bit more quickly this time around.


[ad_2]
Source link

Google Tensor G5 design is ready, coming with Pixel 10

andreasc
-
0
Google Tensor G5 design is ready, coming with Pixel 10
[ad_1]

Google has completed the design of the Tensor G5 SoC, a chip that will fuel the Pixel 10 next year. That chip is now ready to be sent to the foundry for fabrication. This one will be manufactured by TSMC, by the way.

The Google Tensor G5 design is ready, coming next year

The information regarding the finished design process comes from Taiwan. The Pixel 10 series will be the first to utilize this processor. Other Pixel products are expected to include it after that, though, of course.

This chip will be made using TSMC’s second-gen 3nm node aka N3E. This chip is expected to be a considerable jump compared to everything else Google made thus far. Google designed it itself, and TSMC’s second-gen 3nm node is the right way to manufacture it.

The Google Tensor G5 is probably the chip Google hopes will compete with the best processors out there. It is expected to be immensely powerful, in addition to be designed specifically for Pixel products.

Pixel users had to deal with some questionable SoCs in the past, Google is looking to change that

Pixel users had to deal with some really questionable chips in the past. The Exynos 5123 model inside the Pixel 6 series definitely comes to mind, and it was a part of the Tensor chip. The Exynos 5300 was an improvement, but still not the best solution. That one was included in the Pixel 7 and Pixel 8 series smartphones.

What happens now? Well, while the chip is ready for manufacturing, Google still has to test it out after the fact. We’re still a long way from seeing that chip in action, as the Tensor G4 hasn’t launched just yet.

The Tensor G4 will arrive alongside the Pixel 9 series next month. Google announced that the new Pixel smartphones will become official on August 13. That is a big change for Google, as everyone expected the devices to arrive in early October.


[ad_2]
Source link

YouTube will let you flag AI-generated content for removal if it includes someone that looks or sounds like you

andreasc
-
0
YouTube will let you flag AI-generated content for removal if it includes someone that looks or sounds like you
[ad_1]

Generative AI is everywhere, it’s fun and useful and can save you hours. But it’s not really “making things up”, or at least, not entirely. It is “generating” stuff, but it’s basing it on things that are already existing, including… well, real people. And now, YouTube has quietly added a policy that lets you request the removal of AI-generated content that features ‘your likeness’. The new policy allows you to flag videos that use AI if the AI has created something that looks or sounds like you. That’s actually great if YouTube is able to enforce this, depending on how it’s going to determine if the generated content looks like you.

YouTube says it will use factors such as whether the content is altered or synthetic (and if it’s been disclosed as such), and whether it is easily identifiable as the person in question.

Additionally, YouTube will take into account whether the content is parody or satire, if it includes a public figure or a well-known person, also, if there is ‘sensitive behavior’ like crime, violence, endorsing a product or a political candidate.  

The new policy falls under YouTube’s privacy violations, and first-party claims are required. The exception is only if the individual is a minor, doesn’t have access to a computer, or is deceased.

Izzy, a tech enthusiast and a key part of the PhoneArena team, specializes in delivering the latest mobile tech news and finding the best tech deals. Her interests extend to cybersecurity, phone design innovations, and camera capabilities. Outside her professional life, Izzy, a literature master’s degree holder, enjoys reading, painting, and learning languages. She’s also a personal growth advocate, believing in the power of experience and gratitude. Whether it’s walking her Chihuahua or singing her heart out, Izzy embraces life with passion and curiosity.


[ad_2]
Source link
1...686970...1,456Page 69 of 1,456